Reference no: EM133015794

Laboratory - Keylogger and Data breaches

Description:
This manual is for running experiment on software based Key logger - Spyrix Keylogger and for examining data breaches incidents published by a non-profit organization.

Exercises 1 : Use a Software Keylogger

Pre-work:
1. Launch Virtual Box
2. Launch your Win8.1 VM
3. Do all your exercises in the VM

Keylogger: A key logger program captures everything that a user enters on a computer keyboard. In this project, you will download and use a software key logger.

1. Open your web browser and enter the URL: www.spyrix.com
[The location of content on the Internet may change without warn- ing. If you are no longer able to access the program through the above URL, use a search engine to search for "Spyrix Personal Monitor".]
2. Click products and compare the features of the different Spyrix products.
3. Click download.
4. Under Spyrix Free Keylogger click Free Download.
5. When the file finishes downloading, install Spyrix and follow the default installation procedures.
6. Click Finish to launch Spyrix.
7. Click Next to use the wizard to set the program settings.
8. The Hide everywhere is not available on the Free Keylogger version but for the other versions this would allow Spyrix to act like a rootkit with no traces available. Click Next.
9. Create a strong password and enter it under Password to protect access to the program. Click Next.
10. Change Screenshot Quality to Medium Quality - Medium Size. Click Next.
11. Check Online Monitoring (via any web-browser) to set up the ability to view activity online. Click OK.
12. Enter your email address and create another strong password. Click Create NEW Online Monitoring Account. When the account is set up a message will appear. Click OK.
13. Click Test secure connection.
14. Click Try to send log.
15. Click Enter your online monitoring account.
16. Enter your username and password.
17. Click Remote computer settings.
18. Under Delivery Interval change the time to 2 minutes. Click Apply.
19. Close the web browser to return to the Spyrix
20. Under Delivery Interval change the time to 2 minutes. Click Next.
21. If prompted enter your Spyrix password.
22. Click the Spyrix icon in your system tray and enter the password.
23. Click Start.
24. Click Minimize.
25. Now use your computer for several minutes as you normally would.
26. Open your web browser and go to spyrix.net and enter your username and password.
27. Under Events click ALL EVENTS to view everything that has been done on the computer.
28. Click Screenshots. In the Value column click a screenshot.
29. Click Program Activity to view the programs that you were using.
30. Select several other options to view the keylogging and spy features of this program.
31. Close the web browser.
32. Click the Spyrix icon in your system tray and enter the password.
33. Click Stop and then Exit.
34. Enter your password and click OK.
35. Close all windows.

Exercise 2: Examine Data Breaches

The Privacy Rights Clearinghouse (PRC) is a non-profit organization whose goals are to raise consumers' awareness of how technology affects personal privacy and empower consumers to take action to control their own personal information. The PRC maintains a searchable database of security breaches that impact consumer's privacy. In this exercise, you will gather information from the PRC website.

1. Open a web browser and enter the URL www.privacyrights.org/data-breach.
[The location of content on the internet may change without warning. If you are no longer able to access the site through the above web address, use a search engine to search for "Privacy Rights Clearinghouse Data Breach"]

2. First spend time reading about the RPC. Click About Us in the toolbar.

3. Scroll down to the content under Mission and Goals and also under services. Spend a few minutes reading about the PRC.

4. Click your browser's Back button to return to the previous page.

5. On the Chronology of Data Breaches page scroll down and observe the different breaches listed in chronological order.

6. Now create a customized list of the data that will only list data breaches of educational institutions. Scroll back to the top of the page.

7. Under Select organization type(s), uncheck all organizations except Educational Institutions.

8. Click GO!

9. Scroll down to Breach Subtotal if necessary. How many breaches that were made public pertain to educations institutions?

10. Scroll down and observe the breaches for educational institutions.

11. Scroll back to the top of the page. Click New Search, locate beneath the GO! button.

12. Now search for breaches that were a result of lost, discarded, or stolen equipment that belonged to the government and military. Under Choose the type of breaches to display, uncheck all types except Portable devices (PORT) - Lost, discarded or stolen laptop, PDA, smartphone, portable memory device, CD, hard drive, data tape, etc.

13. Under Select organization types(s), uncheck all organizations except GOV - Government and Military.

14. Click GO!.

15. Scroll down to Breach Subtotal, if necessary. How many breaches that were made public pertain to this type?

16. Scroll down and observe the breaches for governmental institutions.

17. Scroll back to the top of the page.

18. Now create a search based on criteria that you are interested in, such as the Payment Card Fraud against Retail/Merchants during the current year.

19. When finished, close all windows.

Attachment:- Manual keylogger data breaches.rar